CYBER SECURITY in the SINGAPORE FINANCIAL SECTOR
Tony Chew, Director, Technology Risk Supervision, Monetary Authority of Singapore
Tel: 62299109

Presentation transcript:

CYBER SECURITY in the SINGAPORE FINANCIAL SECTOR
Tony Chew, Director, Technology Risk Supervision, Monetary Authority of Singapore
WORLD BANK VIDEO SATELLITE CONFERENCE, September 10, 2003

MONETARY AUTHORITY OF SINGAPORE
HOW DOES MAS PROMOTE CYBER SECURITY and TECHNOLOGY RISK MANAGEMENT IN THE FINANCIAL SECTOR?

SAFETY AND SOUNDNESS FRAMEWORK
1. BANKING ACT – PRUDENTIAL REQUIREMENTS.
2. SUPERVISORY AND REGULATORY PROCESS.
3. NOTICES, ADVISORIES AND DIRECTIVES.
4. TECHNOLOGY RISK MANAGEMENT GUIDELINES.
5. INSPECTION AND TECHNOLOGY RISK ASSESSMENT.

TWO HACKING INCIDENTS
The 2 largest banks in Singapore were attacked by hackers.
UOB in June 2001
DBS in June 2002

HACKING INTO ONLINE BANKING
On 4 July 2001, UOB discovered an intrusion into its internet banking system. Hackers from Eastern Europe attacked the bank’s online system.
On 19 June 2002, between 8:20 am and 9:20 am, a hacker broke into 21 DBS customer accounts and transferred $62,000 from their accounts to his account. At 10 am, he walked into a branch and withdrew the stolen money.

HACKING INTO CYBER BANKING
[Diagram. Labels: Web Server, Crypto Server, Database Server, HOST, HSM, SSL, PIN attack; Virus/worms, backdoors, keyboard sniffers, AV/FW evasion]

TECHNOLOGY RISK MANAGEMENT
[Diagram. Labels: VULNERABILITIES, THREATS, CONSEQUENCES AND LOSSES, RISK CONTROL AND SECURITY, Level of Risk, COST, EXPOSURE]

CAMELOTS RISK RATING
TECHNOLOGY RISK ASSESSMENT PROCESS IS BASED ON 6 SYSTEMS CRITERIA
SYSTEMS INTEGRITY
SYSTEMS CONTROLS
COMPLIANCE
SECURITY PRACTICES
RECOVERY
RISK MANAGEMENT

INTERNET BANKING
Technology Risk Management Guidelines
1. Establish robust risk management process.
2. Strengthen system availability, security, recoverability.
3. Deploy strong cryptography to protect data.

TECHNOLOGY RISK MANAGEMENT
Guidelines for Financial Institutions
Delineate responsibility for safety and soundness.
Establish responsibility for managing technology risks.
Nurture a risk awareness culture.
Rectify the weakest security link.
Conduct vulnerability and security assessment.
Invest in system reliability and integrity.
Prepare for contingencies and disruptions.
Educate customers on security precautions.
Manage outsourcing risks.

SECURITY GUIDELINES FOR MOBILE BANKING AND PAYMENTS
1. Introduction – authentication and fraud detection
2. Risk management framework
3. Types of services
4. Technology risk management
5. Security practices
   a) PIN security
   b) Network and system security
   c) Cryptographic key management
   d) General security practices
   e) Customer education

END